ICSA-19-330-02  ·  Published 2019-11-26

ABB Relion 650 and 670 Series

CVSS 5.3 MEDIUM

Risk Summary

Successful exploitation of this vulnerability may allow an attacker to reboot the device, causing a denial of service.

CVEs (1)

Remediations

  • Relion 650 series: version 1.3.0.6
  • Relion 670 series: version 1.2.3.19
  • Relion 670 series: version 2.0.0.12
  • Relion 670 series: version 2.1.0.2
  • Updates can be ordered by email at: [email protected]
  • Process control systems are physically protected from direct access by unauthorized personnel.
  • Process control systems have no direct connections to the Internet.
  • Process control systems are separated from other networks by means of a firewall system that has a minimal number of ports/services exposed.
  • Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails.
  • Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.
  • More information on recommended practices can be found in the ABB Cybersecurity Deployment Guidelines for each product version.
  • ABB has not identified any workaround; however, firewall rules could be set to block incoming traffic to Port 7001/TCP that originates from outside the network.
  • In the Relion 650 series Version 1.3, the SPA protocol over TCP/IP could be disabled if it is not in use.
  • For more information, see the ABB Cybersecurity Advisory 1MRG027165.

Affected Vendors

ABB

Affected Products (4)

ABB · Relion 670 series <= 2.1.0.1
ABB · Relion 670 series <= 1.2.3.18
ABB · Relion 670 series <= 2.0.0.11
ABB · Relion 650 series <= 1.3.0.5
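
The affected and fixed versions are listed per release branch, so a single numeric comparison against "<= 2.1.0.1" would wrongly flag a 670 series device already on 2.0.0.12. The Python check below is an added example, not part of the advisory or any ABB tooling; it assumes the first three version components identify the branch, and the device names in the sample inventory are constructed.

```python
# Added example: branch-aware triage of an asset inventory against this advisory.
# Assumption: the first three version components identify a release branch,
# and the full version is compared against that branch's first fixed version.

# (series, branch) -> first fixed version, taken from the advisory's lists.
FIXED = {
    ("650", (1, 3, 0)): (1, 3, 0, 6),
    ("670", (1, 2, 3)): (1, 2, 3, 19),
    ("670", (2, 0, 0)): (2, 0, 0, 12),
    ("670", (2, 1, 0)): (2, 1, 0, 2),
}


def parse_version(text):
    """Parse 'a.b.c.d' into a tuple of four ints; raise ValueError otherwise."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError(f"expected four numeric components, got {text!r}")
    return tuple(int(p) for p in parts)


def triage(series, version_text):
    """Return (status, fixed_version_or_None) for one device.

    status is 'affected', 'fixed', 'not-listed' (branch absent from the
    advisory, needs manual review) or 'invalid' (unparseable version).
    """
    try:
        version = parse_version(version_text)
    except ValueError:
        return ("invalid", None)
    fixed = FIXED.get((series, version[:3]))
    if fixed is None:
        return ("not-listed", None)
    fixed_text = ".".join(map(str, fixed))
    return ("affected" if version < fixed else "fixed", fixed_text)


if __name__ == "__main__":
    # Constructed inventory rows (hypothetical device names).
    inventory = [
        ("bay-07", "670", "2.0.0.11"),
        ("bay-08", "670", "2.0.0.12"),
        ("bay-09", "670", "2.1.0.1"),
        ("fdr-01", "650", "1.3.0.5"),
        ("fdr-02", "650", "1.4.0.1"),
        ("fdr-03", "670", "v2.1"),
    ]
    for name, series, version in inventory:
        print(name, series, version, *triage(series, version))
```

Devices reported as not-listed run a branch the advisory does not mention and need a manual check against ABB's own advisory rather than an automatic pass.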

Affected Sectors

Critical Manufacturing, Energy
